Proxy Authentication
David Woodhouse
dwmw2 at infradead.org
Wed Sep 4 06:28:56 EDT 2013
On Wed, 2013-09-04 at 09:46 +0000, Duft Markus wrote:
>
> Now for my question: i'm behind a NTLM proxy requiring authentication,
> and this does not seem to work with openconnect. Is there any
> information about that (google didn't come up with something useful),
> or plans to implement this?
http://squid.sourceforge.net/ntlm/client_proxy_protocol.html
Patches welcome.
First make openconnect parse the username and password fields from the
URL properly, so it doesn't think they're part of the server hostname.
Then make it detect the Proxy-Authenticate: response from the proxy and
do the right thing (giving an error message if we has no login details
or it is a method other than 'NTLM', and attempting to connect again
with an appropriate Proxy-Authorization: header if it does.)
Where I say "an appropriate Proxy-Authorization: header" above, I can
give you a function that will *create* the base64 content of that header
for you; don't worry about that bit. Get the groundwork done, and I can
do that bit easily enough.
--
dwmw2
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 5745 bytes
Desc: not available
URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20130904/f003e5d2/attachment.bin>
More information about the openconnect-devel
mailing list